More than 400 million devices are running Windows 10 in 192 countries across the world. As support dwindles for the previous operating systems those numbers are going to continue to grow as more and more users will adopt Microsoft’s “last OS”.

This means we need to keep up, and we’re working hard to do just that.

Microsoft brought over a feature from their tablets and iterations of Windows 8/8.1 called Secure Boot, which relies on UEFI specified boot functionality to prevent malicious software or unauthorized operating systems from loading during the system start-up process. This essentially clamps down on applications which try and edit the boot record or make unauthorized changes during boot-up.

Our instant recovery software requires a change to the boot record in order to run its restore before Windows loads, as well as gives users the ability to load into the subsystem.

RollBack Rx Home and Professional as well as our restore on reboot programs Reboot Restore Rx and Reboot Restore Rx Professional do have Authenticode for Windows 10 Secure Boot. Our software works on most of the Windows 10 systems with Secure Boot enabled. However, some users are still reporting problems – why?

Secure Boot is a feature – a software code – in the UEFI BIOS. Since it is a software it could have a bug. Some PC manufacturer’s own Secure Boot code has bugs in it, making it incompatible with Microsoft’s own Authenticode. This is what’s behind the problems we’ve seen so far.

While we’re going to continue to work to get our software running cleanly through any manufacturer, it’s also a matter of those manufacturers getting their own code up to date. If you are experiencing a problem with our software being flagged as not digitally signed this means you are using one of those bugged versions. In this case, please send in a support ticket at support.horizondatasys.com and let us know the manufacturer and the make/model of your PC. Afterwards, please uninstall our software, then disable SecureBoot, then reinstall our software.

We will continue to work on our end to make our software run clean and efficient on those machines, just as it does on hundreds of thousands of others.

Previously, Drive Vaccine was pushed as the “upgraded”
version of Reboot Restore Rx, offering additional features the freeware version
lacked such as centralized management, password protection, command line switch
capabilities and more. As Reboot Restore Rx Professional this will not change.

However, due to feedback from our end users who reported
confusion when looking to upgrade from Reboot Restore Rx and not understanding
the best upgrade path, Horizon DataSys has deemed the rebrand necessary.

Give it a download! Try it out! Get in touch with us if you have any questions.

For more information please visit Horizon DataSys online at horizondatasys.com, or call in
toll-free at 1-800-496-0148.

I've seen some pretty big boasting about this product and have to ask, how in the world would it protect you from ransomware as I've seen it said? You may not know when you were infected, and many of those malicious programs identify and disable rollback programs and backups.

The software itself takes snapshots on a schedule the administrator sets. As long as the state it took a snapshot of is clean, then it will be untouched by other snapshots/the current state of the machine. Thus, if you find yourself in a ransomware infection on your current state you can load into one of those older, clean states and the files will not be encrypted, as the ransomware was not present at that time.

The software itself also takes snapshots differently than other programs. It's not a backup, per se, but rather a scanning of the sectors of the drive at the time of its snapshot. Then it stores that information and encrypts it itself in its own area.

You are correct though that if you don't know exactly when you were infected it could take some time and loading of other snapshots before finding a clean state again.

From what I've seen of some of the Ransomware, how do you load a different snap shot? do you have to create a boot disk? I know I had one Microsoft licensing ransomware program that there was no way to reboot the system and load a previous stable version of windows and its files. I only had one option, which was to reformat the computer. Are you saying your software would have allow me to avoid that? What about a windows update gone bad?

So I never heard of RollBack before and came across it in a discussion. Looks interesting and maybe a solution for some of my resi and small biz clients but I'm curious how it would fare against some of the new crypto malwares (crypto locker, locky, et al).

Seems like you're keeping the rollback copies on the local drive so I'm wondering how you prevent a crypto variant from either deleting your copies (like some delete VSS copies) or encrypting them (like some variants encrypt NTFS alternate data streams).

My understanding is that the horizon data files are stored in a separate area that users don't have write access to, so they wouldn't be affected. But I'd certainly like to hear from Sam (Horizon DataSys) or someone else at Horizon to confirm this.

So, RollBack Rx's snapshots aren't saved or stored on the Windows file level, as they rather work on the sector-level of the local disk. While you are correct that the snapshots are stored on the local drive, they are encrypted and kept safe on the sector-level from any Windows level issue, including ransomwares.

While there are certains strains of ransomware which affect the MBR and delete VSS copies, this will not affect the other snapshot states, and our software protects the MBR as well.

Essentially, the snapshot states are cut off from any Windows activity, and keep themselves protected through its own encryption and MBR protection. Ransomwares out to date haven't been able to infect these other states, so simply swapping to an older, safe state has proven to be effective.

I hope this clears things up. If not, feel free to ask more questions!

Cheers!

(Also, some additional reading on the matter if you want to know more:

Hi just curious is anyone has an experience in whether Rollback RX will protect (in a wierd way) against the encryption viruses? ie - user opens and gets an encrypted system and we then roll back to the day before

Does that sound plausible? or has anyone actually done it?

If so i'd be tempted to try and roll out Rollback to all our customers

I've started a new job where Reboot Restore Rx is being used in several lab environments. I've recently created several laptops with the same image and then install Reboot Restore Rx. Some of them work fine and some of them blue screen when you start the computer up (not on install). They have Windows 8.1 (I believe this also happens on Win 7 but have no personal experience to back that up) and the laptops are all the same model. I've tried uninstalling and reinstalling RRRx but the blue screen comes back.

The tech I work with says you have to reimage the computers and reinstall RRRx which does work some of the time. He says that they have talked to tech support and not gotten any satisfactory answer other than to reimage and start over.

Currently I'm working on a laptop that I've redone twice and don't really care to do it a third time just to see if it works. Do you have any idea what causes this? it makes no sense that one time it would work fine and another it wouldn't if the hardware and software of the computer is the same. Looking for any help I can get on this. Thanks.

Sorry to hear of your troubles there. You're right, there has to be a logical reason for these blue screens to be happening. As I understand your process, you are using the same image across multiple machines with the same hardware, just differing OS' occasionally and yet only some of them are experiencing these issues.

Quick question - during the boot process do you see the RRRx screen? If so, can you press 'HOME' and go into the subsystem?

Some quick checks I would work on would be to disable Hibernation before installing RRRx. As the software alters the MBR, having this option enabled can cause conflicts. Ensure all Windows/Other updates you want are up to date. Then install. If these are in place, it should install fine.

Having said that I would still like to connect with you further on this. Could you PM me your contact info? I'd like to get you in contact with a senior technician ASAP.

I've only seen it on Win 8.1. Any other OS at this point is hearsay but I added it in case it was something known to you guys.

I can see the boot screen just fine and can get to the subsystem. I've been able to successfully uninstall before on this computer and then reinstalled thinking it may have just been a weird install the first time around.

I'll check the hibernation thing. I haven't looked at the build to see what's going on there but will disable it if it's enabled. Should that be an issue if the computer never went into hibernation mode?

Horizon DataSys in Spiceworks

1,096 IT Pros Follow Horizon DataSys

Horizon DataSys

About Horizon DataSys

No matter what industry you’re in or where you are in the world we all share a common IT goal – to quickly and easily recover from any catastrophe. Horizon DataSys helps you do just this while making you look like a hero at the same time.

Horizon DataSys is a software development company that focuses on creating simple tools addressing PC management, OS integrity, and instant restore solutions. We have created software products that ensure IT environments save time, money and resources in maintaining their workstations.

RollBack Rx is our flagship product. It turns PC's into a virtual time machine. In essence, you can instantly recover from any PC disaster within seconds.

Drive Vaccine is a lighter version of RollBack Rx that is designed to compete with lower technology solutions to protect public access PC's by simply offering them a single baseline from which the workstations can be restored on every reboot, logoff or on any fixed schedule.